Path: utzoo!attcan!uunet!wuarchive!brutus.cs.uiuc.edu!apple!rutgers!columbia!cunixc!fuat
From: fuat@cunixc.cc.columbia.edu (Fuat C. Baran)
Newsgroups: comp.unix.questions
Subject: Re: .plan
Message-ID: <1810@cunixc.cc.columbia.edu>
Date: 24 Aug 89 21:25:05 GMT
References: <61@towernet.UUCP> <1989Aug23.192105.21328@ee.rochester.edu> <10814@smoke.BRL.MIL>
Reply-To: fuat@cunixc.cc.columbia.edu (Fuat C. Baran)
Organization: Columbia University Center for Computing Activities
Lines: 20

In article <10814@smoke.BRL.MIL> gwyn@brl.arpa (Doug Gwyn) writes:
>If "finger" really does dump the contents of .plan literally to a terminal,
>then you could exploit that misfeature to force-feed one of the terminal's
>programmable function keys, then dump it back.  That's a good way to run
>commands under somebody else's UID!  This would be a security hole that
>needs to be fixed.

It's not really finger that needs to be fixed, but the terminal.
There should be a way to lock out reprogramming of function keys, etc.
in a setup menu.  People using such terminals should be aware of the
risks.  Otherwise, all you need to do is put a file called
/tmp/PLEASE-README, and wait for someone with the right terminal (and
capabilities) to cat it.  And that isn't a security hole in cat...

						--Fuat
-- 
INTERNET: fuat@columbia.edu          U.S. MAIL: Columbia University
BITNET:   fuat@cunixc.cc.columbia.edu           Center for Computing Activities
USENET:   ...!rutgers!columbia!cunixc!fuat      712 Watson Labs, 612 W115th St.
PHONE:    (212) 854-5128                        New York, NY 10025